Manage firewall ports on all (known) Linux operating systems.
This example is taken from molecule/resources/playbook.yml
:
---
- name: Converge
hosts: all
become: yes
gather_facts: yes
roles:
- robertdebock.firewall
The machine you are running this on, may need to be prepared.
---
- name: Prepare
hosts: all
gather_facts: no
become: yes
roles:
- robertdebock.bootstrap
Also see a full explanation and example on how to use these roles.
These variables are set in defaults/main.yml
:
---
# defaults file for firewall
# A list of service to allow traffic to.
firewall_services:
- name: ssh
# A bit more difficult example:
# firewall_services:
# - name: ssh
# - name: https
# - name: 5353
# proto: udp
- Access to a repository containing packages, likely on the internet.
- A recent version of Ansible. (Tests run on the current, previous and next release of Ansible.)
The following roles can be installed to ensure all requirements are met, using ansible-galaxy install -r requirements.yml
:
---
- robertdebock.bootstrap
This role is a part of many compatible roles. Have a look at the documentation of these roles for further information.
Here is an overview of related roles:
This role has been tested on these container images:
container | tag | allow_failures |
---|---|---|
debian | stable | yes |
debian | unstable | yes |
debian | latest | no |
centos | 7 | no |
centos | latest | no |
fedora | latest | no |
fedora | rawhide | yes |
opensuse | latest | no |
ubuntu | rolling | yes |
ubuntu | devel | yes |
ubuntu | latest | no |
This role has been tested on these Ansible versions:
- ansible~=2.7
- ansible~=2.8
- git+https://github.com/ansible/ansible.git@devel
The indicator '~=' means compatible with. For example 'ansible~=2.8' would pick the latest ansible-2.8, for example ansible-2.8.6.
Unit tests are done on every commit, pull request, release and periodically.
If you find issues, please register them in GitHub
Testing is done using Tox and Molecule:
Tox tests multiple ansible versions. Molecule tests multiple distributions.
To test using the defaults (any installed ansible version, namespace: robertdebock
, image: fedora
, tag: latest
):
molecule test
# Or select a specific image:
image=ubuntu molecule test
# Or select a specific image and a specific tag:
image="debian" tag="stable" tox
Or you can test multiple versions of Ansible, and select images:
Tox allows multiple versions of Ansible to be tested. To run the default (namespace: robertdebock
, image: fedora
, tag: latest
) tests:
tox
# To run CentOS (namespace: `robertdebock`, tag: `latest`)
image="centos" tox
# Or customize more:
image="debian" tag="stable" tox
This role uses the following modules:
---
- command
- firewalld
- package
- service
- template
- ufw
Apache-2.0